Panic, Privacy, and You

Overview

We strongly believe you have the right to privacy when using our apps.

Our privacy policy is simple: your data is none of our business. To
the extent that our apps can provide their functionality without doing so, we
always prefer to avoid collecting any data from you. In the cases where we do collect
data, we give you the ability to opt out whenever possible.

So, here's some detail about what our apps do, and why.

Usage Analytics

Some of our apps may collect information about the way you use them by default. This
data is always anonymized before it is sent to us, and cannot be used to personally
identify you. You can always opt out of usage analytics if you wish.

We look only for broad patterns in the aggregated usage data, such as whether
or not a particular feature is frequently used, or whether users in general
prefer one setting over another. This helps us make informed decisions about
the future development of our apps.

To be clear, we cannot track an individual user's behavior. We also cannot receive information
from your device's displays, cameras, or microphones.

Crash Logs

If one of our apps crashes while you are using it, data about the crash will be
collected and sent to us to help identify the cause of the crash so that we can
try to fix it in a future update. These "crash logs" contain information
about the state of the app, operating system, and device at the time of the
crash. Nothing in the crash log can be used to personally identify you, and
crash logs do not contain any of your private data.

Update Checking

By default, our Mac apps periodically check to see if a newer version of the app
is available, so that you can be given the choice to update if you wish.

For apps acquired from the App Store or Mac App Store, update checking behavior
is controlled by the operating system.

For apps acquired via direct download from Panic's web site, an update check
request will be occasionally sent to a Panic-owned server. This request
contains the name and current version of the app you are using, and a small
amount of metadata about your device (such as which operating system version
it is running, and your preferred language) which may be necessary to guide
you to the correct update version. You may turn off update checking from the
app's preferences window.

Similarly, some of our apps also check with a Panic-owned server, on launch, to see if there is a news screen (we call it a "soapbox") to show you.
We might use this news screen to, say, alert you to a major update. No private data is sent to perform this check.

Email List

In some of our apps, you will be given a one-time opportunity to sign up for
our email newsletter the first time you open the app. If you decline, no data
will be sent. If you accept, the email address you provide will be added to our email list.

Our email list is low volume (usually no more than a few messages a year),
and is generally limited to announcements of important new versions of our
apps, or significant new product releases.

We do not sell or otherwise provide any of our email list to third-parties,
with the exception of the company that provides the mailing list services.

Activation

For apps acquired from the App Store or Mac App Store, no activation request
is sent to Panic-owned servers.

For apps acquired via direct download from Panic's web site, an activation
request is performed when you enter a serial number to unlock the app, and
may be repeated from time to time by already activated products.

The activation request consists of a single message sent to a Panic-owned
server, containing encrypted information about the serial number you entered
into the app. The server verifies whether the serial number is valid,
and replies with a digitally signed confirmation if so. Otherwise, an error
message is sent back for the app to display to you.

Logging

When you interact with our servers using a web browser, or indirectly by
network requests sent on your behalf by our apps, some metadata about the
request may be logged by us. This metadata may include your IP address, the
name of the resource requested, and the name and version number of the
software making the request.

We generally don't look at these logs unless a server appears to be being
maliciously used or attacked in some way. We may look at the information in
aggregate to see statistics such as how many times our apps have been
downloaded, or from what sources network traffic is arriving.

Apps like Transmit, whose core purpose is to send and receive your
documents over a network, will, of course, send and receive your documents
as requested, but not to Panic or any other third party. Documents in transit
will be encrypted only if you use a protocol which supports encryption, such as
SFTP, HTTPS, etc. It is your responsibility to be aware of the security
implications of the file transfer protocols you choose to use.

Panic Sync

Some of our apps provide an optional feature called Panic Sync, which
replicates app configuration data across multiple devices you own. If you
choose to use Panic Sync, we will collect and store the data necessary to
provide the syncing feature. This data will be encrypted before transmission
and stored in a way that is unreadable, even by Panic employees.

Refer to the Panic Sync page for specific details on its implementation.

Opting Out

On iOS: refer to the Privacy section in the app's Settings screen.

On macOS: open the app's General preferences panel and uncheck "Send Crash Reports and Statistics".

Questions and Feedback

Please contact us if you have any questions about our data collection or
privacy policies. We'll be more than happy to discuss them with you.